Channel: BOT24
Browsing all 8064 articles

PDF analysis of Nuclear Pack EK and CVE-2010-0188/CVE-2013-2883

A description of the Nuclear Pack exploit kit was recently published on Malwarebytes’ blog, though there isn’t a description of the PDF exploit used, so we’ve decided to proceed with a more...

Metasploit: Wing FTP Server Authenticated Command Execution

##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote...

Multiple WordPress Themes (admin-ajax.php, img param) - Arbitrary File Download

# WordPress CuckooTap Theme & eShop Arbitrary File Download
# Risk: High
# CWE number: CWE-200
# Author: Hugo Santiago
# Contact: hugo.s@linuxmail.org
# Date: 31/08/2014
# Vendor Homepage:...

WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability

Summary: WordPress Slideshow Gallery plugin version 1.4.6 suffers from a remote shell upload vulnerability.
Found by: Jesus Ramirez Pichardo  @whitexploit  http://whitexploit.blogspot.mx/
Date:...

New CryptoLocker copycat ransomware in the wild

A new file-encrypting ransomware has been released that is going by the infamous CryptoLocker name. Though this infection is using the same name as the CryptoLocker ransomware that was released in...

Android security mystery – ‘fake’ cellphone towers found in U.S.

Seventeen mysterious cellphone towers have been found in America which look like ordinary towers, and can only be identified by a heavily customized handset built for Android security – but have a much...

Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability

Document Title:
===============
Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1280
Video:...

LEVERAGING WMI FOR SHELLS

I often find myself constrained in my ability to operate freely within the networks I have access to and have had to learn as much as I can about leveraging existing capabilities to get things...

Reflected XSS Attacks vulnerabilities used MIME Sniffing in Facebook...

I. VULNERABILITY
-------------------------
Reflected XSS Attacks vulnerabilities used MIME Sniffing in Facebook Messenger and Facebook App for iOS.
II. BACKGROUND
-------------------------
Facebook is a...

[CORE-2014-0005] - Advantech WebAccess Vulnerabilities

Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/
Advantech WebAccess Vulnerabilities
1. *Advisory Information*
    Title: Advantech WebAccess Vulnerabilities
    Advisory ID:...

Banks: Credit Card Breach at Home Depot

Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime...

high-performance packet filtering with pflua

Greets! I'm delighted to be able to announce the release of Pflua, a high-performance packet filtering toolkit written in Lua...

Bypass hardware firewalls – DEF CON 22

This is a follow-up post in connection with my DEF CON 22 presentation. TL;DR: attackers having admin privileges on Linux/Windows systems can mess with the hardware firewall between the attacker and the...

Apple Media Advisory: Update to Celebrity Photo Investigation

We wanted to provide an update to our investigation into the theft of photos of certain celebrities. When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to...

Quick Analysis of a DDoS Attack Using SSDP

Last week, one of our many clients came under an interesting attack. Enough that it was flagged for human intervention. The interesting aspect of the case was that it was a multi-faceted DDoS...

Uninit memory disclosure via truncated images in Firefox

The recent release of Firefox 32 fixes another interesting image parsing issue found by afl [1]: following a refactoring of memory management code, the past few versions of the browser ended up...

USB firmware: An upcoming threat for home and enterprise users

Every year, thousands of hackers and security researchers from around the world descend on Las Vegas to attend the annual Black Hat security conference. The conference boasts top notch security...

Advanced Access Manager allows admin users to write arbitrary files and...

Details
================
Software: Advanced Access Manager
Version: 2.8.2
Homepage: http://wordpress.org/plugins/advanced-access-manager/
Advisory report:...

An Anatomy Of A Hack – Weak ROOT Password

So a peaceful Sunday night, I get an odd bandwidth warning for a development/testing server that a developer recently created. It was doing some fairly immense traffic, peaking at 80mb a second and...

Exploit PHP’s mail() to get remote code execution

While searching around the web for new nifty tricks I stumbled across this post about how to get remote code execution exploiting PHP’s mail() function. First, I must say that this is only going to...
